CVE-2025-53112: CWE-284: Improper Access Control in glpi-project glpi

Severity: Medium
Tags: Vulnerability, CVE-2025-53112, CWE-284, CWE-862
Published: Wed Jul 30 2025 (07/30/2025, 14:15:22 UTC)
Source: CVE Database V5
Vendor/Project: glpi-project
Product: glpi

Description

GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 9.1.0 through 10.0.18, a lack of permission checks can result in unauthorized removal of some specific resources. This is fixed in version 10.0.19.

AI-Powered Analysis

AI analysis last updated: 07/30/2025, 14:48:30 UTC

Technical Analysis

CVE-2025-53112 is a medium-severity vulnerability in GLPI, an open-source IT asset and service management platform used for ITIL service desk operations, license tracking and software auditing. It affects GLPI versions 9.1.0 through 10.0.18 and is classified as Improper Access Control (CWE-284) and Missing Authorization (CWE-862): a server-side permission check is absent on the code path that removes certain resources, so an authenticated user whose profile does not grant the corresponding delete right can nevertheless remove them. The advisory does not name the affected resources, so the reliable indicator of exposure is the installed version rather than any particular feature. The result is an integrity impact (asset or configuration records deleted by users who should not be able to delete them) with no direct impact on confidentiality or availability, and no user interaction is required beyond the attacker's own authenticated session. The CVSS 3.1 base score is 4.3: network attack vector, low attack complexity, low privileges required, no user interaction, and a low integrity impact only. The issue was publicly disclosed on July 30, 2025 and fixed in GLPI 10.0.19. No exploitation in the wild has been reported. The flaw underlines that every state-changing action in an IT management platform needs its own authorization check, not only the reads and the user-interface elements that expose the action.

Potential Impact

For European organizations, the impact depends on how heavily GLPI is relied on for asset management and service desk operations. Unauthorized removal of resources can disrupt service management workflows, lose or corrupt asset tracking data, and lead to mismanagement of licenses or software audits; inaccurate inventories in turn degrade operational efficiency and widen risk exposure. The vulnerability does not directly expose sensitive data or cause downtime, but the integrity compromise can indirectly affect compliance with regulatory frameworks such as GDPR if asset or license records are improperly altered or deleted. Organizations with complex IT environments or those managing critical infrastructure face correspondingly higher operational risk. The absence of known exploits reduces the immediate threat but does not remove the risk of a targeted attack by an existing low-privileged account, including a compromised or disgruntled one.

Mitigation Recommendations

European organizations using GLPI should promptly upgrade to version 10.0.19 or later, where this vulnerability is fixed. Because the flaw is a missing server-side check rather than a misconfigured one, tightening permissions does not close the vulnerable path itself; it only shrinks the set of accounts that can reach it. Until the upgrade is applied, administrators should therefore review profile assignments and remove or disable accounts that do not need authenticated access at all, and confine delete rights to the profiles that genuinely need them so that any deletion by another profile is immediately suspicious. Strict role-based access control (RBAC) and regular audits of permission assignments support this. Monitoring GLPI's history and event logs for deletions performed by users whose profile does not grant the corresponding right, and for unusual bursts of deletions, with alerting on such events, provides early detection of exploitation attempts. Organizations should also isolate GLPI instances within secure network segments and enforce multi-factor authentication (MFA) for administrative access. Regular backups of the GLPI database should be maintained and tested so that unauthorized deletions can be recovered.
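The version check and the deletion monitoring described above, as an added example that is not part of this advisory or of GLPI's own code. It assumes the operator has exported history rows into the simple record layout below (timestamp, acting user, that user's profile, item type, action, item id); the action names, profile names and the profile-to-delete-rights table are constructed for the example and are not GLPI's schema or default profiles. Version strings with a pre-release suffix such as "-dev" are treated as the release they precede.

```python
"""Operator-side audit helpers for CVE-2025-53112 (GLPI 9.1.0 - 10.0.18).

Two checks:
  1. is_affected(): decide from a GLPI version string whether the install is
     inside the affected range (9.1.0 <= version < 10.0.19).
  2. unauthorized_deletions() / deletion_bursts(): run over exported history
     rows and flag deletions the acting user's profile should not have been
     able to perform, plus users deleting in bursts.

The row layout, action names, profile names and rights table are constructed
for this example; they are assumptions, not GLPI's schema or defaults.
"""
import re
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

AFFECTED_MIN = (9, 1, 0)   # first affected release named in the advisory
FIXED = (10, 0, 19)        # first fixed release


def parse_version(version: str) -> tuple:
    """Turn '10.0.18', '10.0.19-dev' or '9.1' into a comparable 3-tuple.

    A '-dev' / '+build' suffix is dropped, so a pre-release is treated as
    the release it precedes; missing components are padded with 0.
    """
    core = re.split(r"[-+]", version.strip(), maxsplit=1)[0]
    parts = []
    for piece in core.split("."):
        m = re.match(r"\d+", piece)
        parts.append(int(m.group()) if m else 0)
    return tuple((parts + [0, 0, 0])[:3])


def is_affected(version: str) -> bool:
    """True when the version falls inside the range the advisory names."""
    return AFFECTED_MIN <= parse_version(version) < FIXED


# Actions we treat as removals (constructed names, map your export to them).
DELETE_ACTIONS = {"delete_item", "delete_subitem", "delete_relation"}


@dataclass(frozen=True)
class HistoryRow:
    date: datetime
    user: str
    profile: str
    itemtype: str
    action: str
    items_id: int


# Constructed rights table: profile -> item types it may delete ("*" = all).
# Build this from the real profile configuration of your instance.
PROFILE_DELETE_RIGHTS = {
    "Super-Admin": {"*"},
    "Technician": {"Ticket"},
    "Self-Service": set(),
}


def unauthorized_deletions(rows, rights=PROFILE_DELETE_RIGHTS):
    """Return the deletion rows whose actor's profile lacks the delete right."""
    flagged = []
    for row in rows:
        if row.action not in DELETE_ACTIONS:
            continue
        allowed = rights.get(row.profile, set())
        if "*" in allowed or row.itemtype in allowed:
            continue
        flagged.append(row)
    return flagged


def deletion_bursts(rows, window=timedelta(minutes=5), threshold=3):
    """Map user -> peak number of deletions inside any sliding window."""
    per_user = defaultdict(list)
    for row in rows:
        if row.action in DELETE_ACTIONS:
            per_user[row.user].append(row.date)
    bursts = {}
    for user, dates in per_user.items():
        dates.sort()
        start, peak = 0, 0
        for end, when in enumerate(dates):
            while when - dates[start] > window:   # slide window forward
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            bursts[user] = peak
    return bursts


def _t(hhmmss: str) -> datetime:
    return datetime.fromisoformat(f"2025-07-30T{hhmmss}")


# Constructed sample export: bob (Self-Service) removes three items in two
# minutes, carol (Technician) removes a Software entry she may not delete.
SAMPLE_ROWS = [
    HistoryRow(_t("09:00:00"), "alice", "Super-Admin", "Computer", "delete_item", 101),
    HistoryRow(_t("09:01:00"), "bob", "Self-Service", "Computer", "delete_item", 102),
    HistoryRow(_t("09:02:00"), "bob", "Self-Service", "Computer", "delete_item", 103),
    HistoryRow(_t("09:02:30"), "bob", "Self-Service", "Monitor", "delete_item", 7),
    HistoryRow(_t("09:03:00"), "carol", "Technician", "Ticket", "delete_item", 55),
    HistoryRow(_t("09:10:00"), "alice", "Super-Admin", "Software", "delete_item", 9),
    HistoryRow(_t("09:30:00"), "carol", "Technician", "Software", "delete_item", 10),
    HistoryRow(_t("10:00:00"), "carol", "Technician", "Ticket", "update_item", 55),
]

if __name__ == "__main__":
    for v in ("9.0.5", "9.1.0", "10.0.18", "10.0.19"):
        print(f"{v:>8}: {'AFFECTED' if is_affected(v) else 'not affected'}")
    for row in unauthorized_deletions(SAMPLE_ROWS):
        print(f"unauthorized delete: {row.user} ({row.profile}) removed "
              f"{row.itemtype} #{row.items_id} at {row.date:%H:%M:%S}")
    for user, n in deletion_bursts(SAMPLE_ROWS).items():
        print(f"burst: {user} performed {n} deletions within 5 minutes")
```

The rights-violation check is the one that matters for this CVE: a deletion recorded against a profile that has no delete right on that item type is exactly the event a missing authorization check produces, and it stays meaningful after the upgrade as a regression signal. The burst check is a coarser heuristic for a compromised account emptying inventory; tune the window and threshold to the normal deletion rate of your instance before alerting on it.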

Technical Details

Data Version
5.1
Assigner Short Name
GitHub_M
Date Reserved
2025-06-25T13:41:23.087Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 688a2d10ad5a09ad00a699ae

Added to database: 7/30/2025, 2:32:48 PM

Last enriched: 7/30/2025, 2:48:30 PM

Last updated: 7/31/2025, 12:34:31 AM
